An attractive brunette in a business suit is making her online pitch. “Are you tired of searching for legit CVV shops?” her animated form asks from the corner of the Web site. “Search no more,” she promises. This site has “handpicked cards” with “high balances.” “What are you waiting for? Register now.”
It looks like a legitimate business Web site, one for small business financing perhaps. However, I’m being shown this site — and asked not to identify it — by FBI special agent Keith Mularski in the offices of the National Cyber-Forensics & Training Alliance (NCFTA), a Pittsburgh-based alliance between international law enforcement agencies, businesses and academics that has been charged with tackling the growing menace of cybercrime. This is a site at the cutting edge of crime.
CVV stands for card verification value. This site, and its equally professional rivals, are selling stolen credit card information to criminals who snap them up like songs on iTunes. A dollar buys enough information to use someone else’s card online, US$30 buys a “dump,” all the information you need to copy a card and set off on your own real-world shopping spree with somebody else’s plastic.
There are millions of stolen accounts available, hacked from banks and online sellers, or swiped at cash machines. The FBI recently reclaimed 1.5 million numbers from one seller alone. You can sort by type, MasterCard, Visa, or American Express, by geography, or just stick to business cards for their higher balances. There is no need to fear getting ripped off. Criminals peer-review each other’s sites. It’s eBay for crooks.
Mularski knows a thing or two about cybercrime. For two years he ran one of the biggest underworld crime sites in the world. Using the pseudonym Master Splynter (a nod to the cartoon Teenage Mutant Ninja Turtles) Mularski masqueraded as a spammer, winning the confidence of online crooks and eventually taking over as host of Dark Market, at the time the largest online forum for cybercriminals.
The sting was a big victory for the US authorities, which, along with other governments, have struggled to keep up with the rapidly spreading threat.
Police officers from the UK, Germany, Netherlands, Australia and other countries work alongside the FBI at the NCFTA. The organization has about 500 business partners, from the big banks to technology companies and links with academics at local universities Carnegie Mellon and Pittsburgh.
The scale of the problem they are tackling is dizzying. According to a recent study by the British government, cybercrime is endemic and costs UK businesses alone an estimated £27 billion (US$44 billion) a year.
The criminals that buy this information operate a vast, international enterprise that employs teams of “mules” to buy goods either in person or online and yet more mules to launder their cash. They pay each other via digital currencies.
“Would you take a credit card if you were one of these guys?” Mularski asks.
These are multimillion-dollar businesses with serious costs.
“This is serious money,” he said.
And it is serious criminals that are doing it. Mularski says he hates the term “hacker.”
“It’s so generic,” he said. “Traditionally we have thought of this cybercriminal as a geek. When I first started in cybercrime, the impression I got was [of] the movie War Games, Matthew Broderick sitting in his parents’ basement. That’s not the case anymore. These are serious businessmen with serious skills.”
One man arrested as part of a recent FBI investigation had contracts with a factory in China to mass produce fake credit card readers that could steal people’s details. There is violence. Rivals have been kidnapped and tortured, and one spammer tried to take out a hit on a witness.
“Very traditional organized crime is moving into the cyber realm,” Mularski said.
Traditional organized crime activities such as racketeering or prostitution are not going away, but the new generation of criminals is as excited about online growth as their legitimate business rivals, he said.
However, there are major differences.
“This isn’t The Sopranos, or gangs,” he said. “You don’t have the same physical interaction. Here you do your transactions with the push of button, click of a mouse.”
Internet crime also attracts people who would never get involved in a bank robbery.
“When you are behind a keyboard, you’re anonymous, you have more bravado. You need a lot of chutzpah to go into a bank and rob it. You do things online that you may not do in ordinary life. People don’t start out thinking they will be a cybercriminal. They start out exploring. And before you know it, the line is crossed from curiosity to crime,” Mularski said.
Mularski’s high profile makes him a target for hackers. His office has also been working on tackling Anonymous, the hacker collective that has humiliated US government departments and big business on numerous occasions.
He would not comment on them except to say: “Hacking into a company, whether it’s to put information on the Web for everyone to see or if you’re going to make money, is still hacking, it’s still a crime.”
So does he feel vulnerable?
“I was worried for a bit, I’ll be honest,” he said, knocking on wood. “I’m very careful now. But the best protection of all is to turn your computer off.”
Could Asia be on the verge of a new wave of nuclear proliferation? A look back at the early history of the North Atlantic Treaty Organization (NATO), which recently celebrated its 75th anniversary, illuminates some reasons for concern in the Indo-Pacific today. US Secretary of Defense Lloyd Austin recently described NATO as “the most powerful and successful alliance in history,” but the organization’s early years were not without challenges. At its inception, the signing of the North Atlantic Treaty marked a sea change in American strategic thinking. The United States had been intent on withdrawing from Europe in the years following
My wife and I spent the week in the interior of Taiwan where Shuyuan spent her childhood. In that town there is a street that functions as an open farmer’s market. Walk along that street, as Shuyuan did yesterday, and it is next to impossible to come home empty-handed. Some mangoes that looked vaguely like others we had seen around here ended up on our table. Shuyuan told how she had bought them from a little old farmer woman from the countryside who said the mangoes were from a very old tree she had on her property. The big surprise
The issue of China’s overcapacity has drawn greater global attention recently, with US Secretary of the Treasury Janet Yellen urging Beijing to address its excess production in key industries during her visit to China last week. Meanwhile in Brussels, European Commission President Ursula von der Leyen last week said that Europe must have a tough talk with China on its perceived overcapacity and unfair trade practices. The remarks by Yellen and Von der Leyen come as China’s economy is undergoing a painful transition. Beijing is trying to steer the world’s second-largest economy out of a COVID-19 slump, the property crisis and
Ursula K. le Guin in The Ones Who Walked Away from Omelas proposed a thought experiment of a utopian city whose existence depended on one child held captive in a dungeon. When taken to extremes, Le Guin suggests, utilitarian logic violates some of our deepest moral intuitions. Even the greatest social goods — peace, harmony and prosperity — are not worth the sacrifice of an innocent person. Former president Chen Shui-bian (陳水扁), since leaving office, has lived an odyssey that has brought him to lows like Le Guin’s dungeon. From late 2008 to 2015 he was imprisoned, much of this